Elasticsearch Integration

Alooma can replicate documents from an index on your Elasticsearch server to your data destination. Setup is quick and easy with these simple steps.

If you don't plan on connecting to Elasticsearch through SSH, you'll need to allow access to your Elasticsearch port from Alooma's IP addresses:

52.35.19.31/32

52.88.52.130/32

52.26.47.1/32

52.24.172.83/32
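
An added example, not part of Alooma's documentation: a small audit that checks whether a set of inbound firewall rules exposes the Elasticsearch port only to the four addresses above. The rule shape (cidr, from_port, to_port) and the sample rules are assumptions constructed for illustration; adapt them to whatever your firewall or security group exports.

```python
import ipaddress

# Alooma source addresses listed on this page.
ALOOMA_CIDRS = ["52.35.19.31/32", "52.88.52.130/32", "52.26.47.1/32", "52.24.172.83/32"]
ES_PORT = 9200  # default Elasticsearch port; change it if yours differs

# Constructed sample rules in a hypothetical, firewall-neutral shape.
SAMPLE_RULES = [
    {"cidr": "52.35.19.31/32", "from_port": 9200, "to_port": 9200},
    {"cidr": "52.88.52.130/32", "from_port": 9200, "to_port": 9200},
    {"cidr": "52.26.47.1/32", "from_port": 9200, "to_port": 9200},
    {"cidr": "0.0.0.0/0", "from_port": 9000, "to_port": 9300},  # range includes 9200
    {"cidr": "10.0.0.0/8", "from_port": 22, "to_port": 22},  # unrelated port
]


def _inside(net, nets):
    """True if net is contained in at least one network of the same IP version."""
    return any(net.version == n.version and net.subnet_of(n) for n in nets)


def audit_ingress(rules, allowed=ALOOMA_CIDRS, port=ES_PORT):
    """Return (too_broad, missing) for the given port.

    too_broad: rule sources that reach the port but are not inside the allowlist.
    missing:   allowlisted sources that no allowlist-only rule covers, i.e. the
               ones that would lose access once the too_broad rules are removed.
    """
    allowed_nets = [ipaddress.ip_network(c) for c in allowed]
    reaching = [
        ipaddress.ip_network(r["cidr"], strict=False)
        for r in rules
        if r["from_port"] <= port <= r["to_port"]
    ]
    narrow = [n for n in reaching if _inside(n, allowed_nets)]
    too_broad = [str(n) for n in reaching if not _inside(n, allowed_nets)]
    missing = [str(a) for a in allowed_nets if not _inside(a, narrow)]
    return too_broad, missing


if __name__ == "__main__":
    broad, missing = audit_ingress(SAMPLE_RULES)
    print("Sources wider than the Alooma allowlist:", broad)
    print("Alooma addresses without a dedicated rule:", missing)
```
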

Add your Elasticsearch input with the following configuration information:

Elasticsearch hostname or IP

Elasticsearch port (default is 9200)

The Elasticsearch index you'd like to replicate (each index requires a new input)

An optional user name and password if your server requires it

An optional JSON query that filters which documents are pulled (if you don't pass one, the entire index will be replicated)

The frequency at which you'd like us to pull the documents (default is every 8 hours). Note that more frequent replications will create a heavier load on your Elasticsearch server and increase your Alooma event usage, as we do a full dump and load on every pull.

If you want to connect to your Elasticsearch server via SSL, check that option; you can also choose whether to allow self-signed certificates.

If your Elasticsearch server is behind an SSH server, you can connect to Elasticsearch via SSH.

Keep the mapping mode at the default of OneClick if you'd like Alooma to automatically map all Elasticsearch documents directly to your data destination. Otherwise, they'll have to be mapped manually from the Mapper screen.